Technical information
- Android.DownLoader.1007.origin
- Android.DownLoader.1051.origin
- Android.DownLoader.1056.origin
- Android.Mobifun.30.origin
- Android.Mobifun.33.origin
- Android.RemoteCode.231.origin
- Android.Triada.4567
- Android.Triada.510.origin
- Android.Triada.573.origin
- Android.Packed.55438
- UDP(DNS) 8####.8.4.4:53
- TCP(HTTP/1.1) api.applove####.com:80
- TCP(HTTP/1.1) p####.pay####.com:80
- TCP(HTTP/1.1) hw9####.new####.com:80
- TCP(HTTP/1.1) jz####.mc####.com:12029
- TCP(HTTP/1.1) dwq.fs####.com:80
- TCP(HTTP/1.1) www.d####.xyz:80
- TCP(HTTP/1.1) z.c####.com:80
- TCP(HTTP/1.1) vi####.wit####.com:13002
- TCP(TLS/1.0) fo####.site:443
- TCP(TLS/1.0) and####.a####.go####.com:443
- TCP(TLS/1.0) 1####.251.36.3:443
- TCP(TLS/1.0) 5.ah####.com:443
- TCP(TLS/1.0) gd.a.s####.com:443
- TCP(TLS/1.0) b####.com:443
- TCP(TLS/1.0) www.qq####.ltd:443
- TCP(TLS/1.0) c####.pay####.com:443
- TCP(TLS/1.0) p####.google####.com:443
- TCP(TLS/1.0) 1####.250.179.142:443
- TCP(TLS/1.0) 1####.251.36.10:443
- TCP(TLS/1.0) bxx.pooboo####.com:443
- TCP(TLS/1.0) and####.google####.com:443
- TCP(TLS/1.0) 7.z####.top:443
- TCP(TLS/1.0) d####.seven####.com:443
- TCP(TLS/1.0) vi####.wit####.com:13003
- TCP(TLS/1.2) 1####.217.168.206:443
- TCP(TLS/1.2) 1####.251.36.10:443
- 5.ah####.com
- 7.z####.top
- a####.r####.com
- airamw####.com
- and####.a####.go####.com
- and####.google####.com
- android####.go####.com
- api.applove####.com
- b####.com
- bxx.pooboo####.com
- c####.pay####.com
- cdn.f####.com
- d####.seven####.com
- dwq.fs####.com
- fo####.site
- h####.b####.com
- hw9####.new####.com
- jz####.mc####.com
- nu####.js####.com
- p####.google####.com
- p####.pay####.com
- pla####.googleu####.com
- pv.s####.com
- vi####.wit####.com
- www.d####.xyz
- www.qq####.ltd
- z9.c####.com
- 5.ah####.com:443/thirdsdk/flowcashpack/103/mgidnews-140a-202107061216d
- 5.ah####.com:443/thirdsdk/flowcashpack/116/mgidnews2-137a-202107061200d
- 5.ah####.com:443/thirdsdk/flowcashpack/133/TK-156a-202106251800d
- 5.ah####.com:443/thirdsdk/flowcashpack/154/mgidnews3-151a-202112311508d
- 5.ah####.com:443/thirdsdk/flowcashpack/82/MF-1.19a-202104301548d
- 5.ah####.com:443/thirdsdk/flowcashpack/84/1619422325795-hx-aes-202103041...
- api.applove####.com/api/v3/cache/get?osv=####&srnc=####&token=####&ds=##...
- api.applove####.com/api/v3/template/get?slot_id=####&update_time=####&us...
- dwq.fs####.com/FB/nsa-1.0.0.18-mk03-20220112.zip
- dwq.fs####.com/dtbx/367/SZMK_20211202_1.zip
- dwq.fs####.com/dtbx/yeahmobi/unsigned.zip
- dwq.fs####.com/dtbx/yunshi/awli-release.zip
- dwq.fs####.com/plugins/applh0723.zip
- dwq.fs####.com/plugins/dp2.zip
- dwq.fs####.com/plugins/yz058Uc30i1220.zip
- fo####.site:443/78786454/s20220320145425.1
- gd.a.s####.com:443/cityjson
- p####.pay####.com/s-r/332/60063a81055a8
- www.qq####.ltd:443//CHANNEL_QW_412/md5.txt
- www.qq####.ltd:443//CHANNEL_QW_412/real.jar
- www.qq####.ltd:443/997ae859d3a5422d85623e52ee01bf72
- www.qq####.ltd:443/isneedtrue.txt
- z.c####.com/stat.htm?id=####&cnzz_eid=####
- 7.z####.top:443/v1/mgidnews
- 7.z####.top:443/v1/mgidnews2
- 7.z####.top:443/v1/mgidnews3
- b####.com:443/s/x
- bxx.pooboo####.com:443/v1/init?id=####
- bxx.pooboo####.com:443/v1/mr?id=####
- c####.pay####.com:443/1/j?a=####
- d####.seven####.com:443/AAService.svc/dsasdcsce
- d####.seven####.com:443/OOService.svc/adwsdw2wew
- hw9####.new####.com/api/activite
- hw9####.new####.com/apidata/showeb
- jz####.mc####.com:12029/hfdlls/
- jz####.mc####.com:12029/i3v8nb/
- jz####.mc####.com:12029/lfkdnr/
- vi####.wit####.com:13002/84gcjmo/
- vi####.wit####.com:13002/ck0k66o/
- vi####.wit####.com:13002/v1jyved/
- vi####.wit####.com:13003/ck0k66o/
- www.d####.xyz/Orders/getlive?channel=####&Slevi=####&anmac=####&anosv=##...
- /data/data/####/.confd
- /data/data/####/.confd-journal
- /data/data/####/.m
- /data/data/####/.mtj_timestamp
- /data/data/####/.pdn
- /data/data/####/.qnxa
- /data/data/####/.t
- /data/data/####/011134986548f3458aa3e7e2a7fceb8d
- /data/data/####/1.dex
- /data/data/####/1.dex.flock (deleted)
- /data/data/####/1.jar
- /data/data/####/104211exx
- /data/data/####/104211exx.dex
- /data/data/####/104211exx.dex.flock (deleted)
- /data/data/####/147e98cebd15654aa7ddd365db2d1a9c.xml
- /data/data/####/2022_04_18readzibao.xml
- /data/data/####/47AB7209AD7ACF4EB1EA636A3039D803
- /data/data/####/4B8D49FB58D68A9143C86DF5979F4158.dex
- /data/data/####/4B8D49FB58D68A9143C86DF5979F4158.dex.flock (deleted)
- /data/data/####/4B8D49FB58D68A9143C86DF5979F4158.temp
- /data/data/####/4B8D49FB58D68A9143C86DF5979F4158.zip
- /data/data/####/4f7ff0f7871d4f2a98752c288a49edd8
- /data/data/####/90FCBC4E72D8C499954E2A48BD6A2C19
- /data/data/####/90FCBC4E72D8C499954E2A48BD6A2C19.dex
- /data/data/####/90FCBC4E72D8C499954E2A48BD6A2C19.dex.flock (deleted)
- /data/data/####/90FCBC4E72D8C499954E2A48BD6A2C19.jar
- /data/data/####/90FCBC4E72D8C499954E2A48BD6A2C19.temp
- /data/data/####/99631aaa
- /data/data/####/99631aaa.dex
- /data/data/####/99631aaa.dex.flock (deleted)
- /data/data/####/C104C5D330E23823FF95E4BEE0061EE0
- /data/data/####/C104C5D330E23823FF95E4BEE0061EE0.dex
- /data/data/####/C104C5D330E23823FF95E4BEE0061EE0.dex.flock (deleted)
- /data/data/####/C104C5D330E23823FF95E4BEE0061EE0.temp
- /data/data/####/C104C5D330E23823FF95E4BEE0061EE0.zip
- /data/data/####/C3B2481BF31F7E7DF213B1679D8AFC65
- /data/data/####/D3F1BB684C4718D5852670B29887BDA4
- /data/data/####/D89AB5F36B917924B23A3F5E7738E06F
- /data/data/####/D89AB5F36B917924B23A3F5E7738E06F.dex
- /data/data/####/D89AB5F36B917924B23A3F5E7738E06F.dex.flock (deleted)
- /data/data/####/D89AB5F36B917924B23A3F5E7738E06F.jar
- /data/data/####/D89AB5F36B917924B23A3F5E7738E06F.temp
- /data/data/####/E2A13809C59CBC46B6E9C70C6ADD0458.dex
- /data/data/####/E2A13809C59CBC46B6E9C70C6ADD0458.dex.flock (deleted)
- /data/data/####/E2A13809C59CBC46B6E9C70C6ADD0458.temp
- /data/data/####/E2A13809C59CBC46B6E9C70C6ADD0458.zip
- /data/data/####/E7C8A3F6E0E20F381FF38DF485FCE16E
- /data/data/####/E7C8A3F6E0E20F381FF38DF485FCE16E.dex
- /data/data/####/E7C8A3F6E0E20F381FF38DF485FCE16E.dex.flock (deleted)
- /data/data/####/E7C8A3F6E0E20F381FF38DF485FCE16E.temp
- /data/data/####/E7C8A3F6E0E20F381FF38DF485FCE16E.zip
- /data/data/####/F73811C2013B84778D431A6EE070420A.dex
- /data/data/####/F73811C2013B84778D431A6EE070420A.dex.flock (deleted)
- /data/data/####/F73811C2013B84778D431A6EE070420A.jar
- /data/data/####/F73811C2013B84778D431A6EE070420A.temp
- /data/data/####/WTI5dExuTnpaMmR0TG01eWRXND0=.xml
- /data/data/####/WebViewChromiumPrefs.xml
- /data/data/####/__Baidu_Stat_SDK_SendRem.xml
- /data/data/####/__local_ap_info_cache.json
- /data/data/####/__local_last_session.json
- /data/data/####/__local_stat_cache.json
- /data/data/####/__send_data_1650290827123
- /data/data/####/abf8a28b5cb611ec82027cd30adffce01d6deb70-6d05-4...18e137
- /data/data/####/abf8a28b5cb611ec82027cd30adffce01d6deb70-6d05-4...37.dex
- /data/data/####/abf8a28b5cb611ec82027cd30adffce01d6deb70-6d05-4...leted)
- /data/data/####/abf8a28b5cb611ec82027cd30adffce038e17b0e57b6ecc...0e1356
- /data/data/####/abf8a28b5cb611ec82027cd30adffce038e17b0e57b6ecc...leted)
- /data/data/####/abf8a28b5cb611ec82027cd30adffce07bd85be31372d8d...be7608
- /data/data/####/abf8a28b5cb611ec82027cd30adffce07bd85be31372d8d...leted)
- /data/data/####/abf8a28b5cb611ec82027cd30adffce07f330257fa0f7d0...849278
- /data/data/####/abf8a28b5cb611ec82027cd30adffce07f330257fa0f7d0...leted)
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0bd763be6-8020-4...9ed1b4
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0bd763be6-8020-4...b4.dex
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0bd763be6-8020-4...leted)
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0d70169f8-a2fb-4...21bc42
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0d70169f8-a2fb-4...42.dex
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0d70169f8-a2fb-4...leted)
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0ed7fbfc0-5040-4...ab.dex
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0ed7fbfc0-5040-4...d9caab
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0ed7fbfc0-5040-4...leted)
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0edfcf34ad1edc69...b5e9de
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0edfcf34ad1edc69...leted)
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0ee3780d83d4e414...851643
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0ee3780d83d4e414...leted)
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0f21b1448-be0f-4...776e88
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0f21b1448-be0f-4...88.dex
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0f21b1448-be0f-4...leted)
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0f7944635-3d14-4...3c.dex
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0f7944635-3d14-4...85653c
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0f7944635-3d14-4...leted)
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0f80aa90fbc9e8ee...1cache
- /data/data/####/abf8a28b5cb611ec82027cd30adffce0f80aa90fbc9e8ee...leted)
- /data/data/####/androidxcorefreec7z.
- /data/data/####/androidxcorefreec7z.dex
- /data/data/####/androidxcorefreec7z.dex.flock (deleted)
- /data/data/####/baidu_mtj_sdk_record.xml
- /data/data/####/base.apk
- /data/data/####/base.dex
- /data/data/####/base.dex.flock (deleted)
- /data/data/####/by_dis_sadfsadfads.xml
- /data/data/####/by_dis_sadfsadfads.xml.bak
- /data/data/####/by_rewfrenfio2pj.ertwe
- /data/data/####/by_werjklgewjrfer.xml
- /data/data/####/cd23423423423
- /data/data/####/com.bb.lb.py.core.try.の.fasjoiefajio
- /data/data/####/d69d2e54e5b584b6b69254cc35c04c07.xml
- /data/data/####/df4essr.xml
- /data/data/####/df4essr.xml.bak
- /data/data/####/dl_mk03amzcd.apk.temp (deleted)
- /data/data/####/e3f4r3ed.data-journal
- /data/data/####/ea0eeb8276f0571ec290eb23c3f787dd.xml
- /data/data/####/fc782376c5e21a0947860b9f4521031c.xml
- /data/data/####/gameid
- /data/data/####/gameid.zip
- /data/data/####/kaww.xml
- /data/data/####/kuhbs.dex
- /data/data/####/kuhbs.dex.flock (deleted)
- /data/data/####/kuhbs.jar
- /data/data/####/libcuid.so
- /data/data/####/libnadx.so
- /data/data/####/libnadx.so-32
- /data/data/####/libnadx.so-64
- /data/data/####/libnadx.so-64 (deleted)
- /data/data/####/libsszf.so
- /data/data/####/libsszf.so-32
- /data/data/####/libsszf.so-64
- /data/data/####/metrics_guid
- /data/data/####/mk03amzcd.apk
- /data/data/####/mk03amzcd.dex
- /data/data/####/mk03amzcd.dex.flock (deleted)
- /data/data/####/mt.xml
- /data/data/####/mv
- /data/data/####/nsa.xml
- /data/data/####/nsa_c.xml
- /data/data/####/ofew.png
- /data/data/####/org.syscheck.phoanlib.settings_ct_default.xml
- /data/data/####/org.syscheck.phoanlib.settings_preferences.xml
- /data/data/####/pakm.png
- /data/data/####/qc
- /data/data/####/readzibao.xml
- /data/data/####/real.jar
- /data/data/####/s1s1k1_c2o3n23f2i3g2.xml
- /data/data/####/s20220320145425.1
- /data/data/####/s20220320145425.dex (deleted)
- /data/data/####/s20220320145425.dex.flock (deleted)
- /data/data/####/s3p43_W12312312.xml
- /data/data/####/sp_cywz.xml
- /data/data/####/sp_dojz.xml
- /data/data/####/sp_inbbsj.xml
- /data/data/####/tbic.xml
- /data/data/####/vau
- /data/data/####/xfksgku
- /data/data/####/xtop.xml
- /data/data/####/yxni
- /data/misc/####/primary.prof
- app_process /system/bin com.android.commands.pm.Pm list package -3
- cat /proc/version
- cat /sys/class/net/wlan0/address
- getprop ro.build.display.id
- getprop ro.build.version.emui
- getprop ro.build.version.opporom
- getprop ro.miui.ui.version.name
- getprop ro.smartisan.version
- getprop ro.vivo.os.version
- getprop ro.yunos.build.version
- sh
- libnadx
- libsszf
- xfksgku
- AES-CBC-PKCS5Padding
- AES-CFB-NoPadding
- AES-ECB-PKCS5Padding
- DES-CBC-PKCS5Padding
- RSA-ECB-PKCS1Padding
- RSA-None-PKCS1Padding
- AES-CBC-PKCS5Padding
- AES-CFB-NoPadding
- DES
- DES-CBC-PKCS5Padding
- RSA-ECB-PKCS1Padding
- RSA-None-PKCS1Padding
- desede-CBC-PKCS5Padding